Explain:bind *:80 – I’ve bound this frontend to all network interfaces on port 80. HAProxy will listen on port 80 on each available network for new HTTP connections

mode http – This is listening for HTTP connections. HAProxy can handle lower-level TCP connections as well, which is useful for load balancing things like MySQL read databases, if you setup database replication

default_backend nginx – This frontend should use the backend named nginx, which we’ll see next.

option forwardfor – Adds the X-Forwarded-For header so our applications can get the clients actually IP address. Without this, our application would instead see every incoming request as coming from the load balancer’s IP addresshttp-request set-header X-Forwarded-Port %[dst_port] – We manually add the X-Forwarded-Port header so that our applications knows what port to use when redirecting/generating URLs.
* Note that we use the dst_port “destination port” variable, which is the destination port of the client HTTP request.option httpchk HEAD / HTTP/1.1\r\nHost:localhost – Set the health check HAProxy uses to test if the web servers are still responding. If these fail to respond without error, the server is removed from HAProxy as one to load balance between. This sends a HEAD request with the HTTP/1.1 and Host header set, which might be needed if your web server uses virtualhosts to detect which site to send traffic tohttp-request add-header X-Forwarded-Proto https if { ssl_fc } – We add the X-Forwarded-Proto header and set it to “https” if the “https” scheme is used over “http” (via ssl_fc). Similar to the forwarded-port header, this can help our web applications determine which scheme to use when building URL’s and sending redirects (Location headers).server web01-2 xx.xx.xx.xx:80 check – These two lines add the web servers for HAProxy to balance traffic between. It arbitrarily names each one web01-web02, set’s their IP address and port, and adds the directive check to tell HAProxy to health check the server